1.You investigate a suspected malware incident and confirm that it was a false alarm. 
In this scenario, how would you prevent the same file from triggering another 
incident? 
A. Quarantine the file. 
B. Look up the hash at the VirusTotal website. 
C. Export the packet capture to a pcap file. 
D. Add the hash to the file filter. 
Answer: D 
Explanation: 
A file filter is a list of file hashes that you can use to exclude files from inspection by 
Netskope. By adding the hash of the file that triggered a false alarm to the file filter, 
you can prevent it from being scanned again by Netskope and avoid generating 
another incident. Quarantining the file, exporting the packet capture, or looking up the 
hash at VirusTotal are not effective ways to prevent the same file from triggering 
another incident, as they do not affect how Netskope handles the file. 
Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, 
Module 6: Data Loss Prevention, Lesson 2: File Filters. 

2.Which two common security frameworks are used today to assess and validate a 
vendor's security practices? (Choose two.) 
A. Data Science Council of America 
B. Building Security in Maturity Model 
C. ISO 27001 
D. NIST Cybersecurity Framework 
Answer: B, C 
Explanation: 
The Building Security in Maturity Model (BSIMM) is a framework that measures and 
compares the security activities of different organizations. It helps organizations to 
assess their current security practices and identify areas for improvement. ISO 27001 
is an international standard that specifies the requirements for establishing, 
implementing, maintaining, and improving an information security management 
system. It helps organizations to manage their information security risks and 
demonstrate their compliance with best practices. Data Science Council of America 
(DASCA) is not a security framework, but a credentialing body for data science 
professionals. NIST Cybersecurity Framework (NIST CSF) is a security framework, 
but it is not commonly used to assess and validate a vendor’s security practices, as it 
is more focused on improving the cybersecurity of critical infrastructure sectors in the 
United States. 

Reference: [BSIMM], [ISO 27001], [DASCA], [NIST CSF]. 


3.You have applied a DLP Profile to block all Personally Identifiable Information data 
uploads to Microsoft 365 OneDrive. DLP Alerts are not displayed and no 
OneDrive-related activities are displayed in the Skope IT App Events table. 
In this scenario, what are two possible reasons for this issue? (Choose two.) 
A. The Cloud Storage category is in the Steering Configuration as an exception. 
B. The destination domain is excluded from decryption in the decryption policy. 
C. A Netskope POP is not in your local country and therefore DLP policies cannot be 
applied. 
D. DLP policies do not apply when using IPsec as a steering option. 
Answer: AB 
Explanation: 
If the Cloud Storage category is in the Steering Configuration as an exception, then 
Netskope will not steer any traffic to or from cloud storage applications, such as 
Microsoft 365 OneDrive, to its platform. This means that Netskope will not be able to 
inspect or apply any policies to this traffic, including DLP policies. Similarly, if the 
destination domain is excluded from decryption in the decryption policy, then 
Netskope will not decrypt any traffic to or from that domain, such as onedrive.com. 
This means that Netskope will not be able to inspect or apply any policies to this 
traffic, including DLP policies. The location of the Netskope POP or the use of IPsec 
as a steering option do not affect the application of DLP policies, as long as Netskope 
can steer and decrypt the relevant traffic. 
Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 3: Steering Configuration, Lesson 1: Steering Options and 
Lesson 2: Exceptions; Module 4: Decryption Policy, Lesson 1: Decryption Policy 
Overview and Lesson 2: Decryption Policy Configuration. 
https://www.bsimm.com/, https://www.iso.org/isoiec-27001-information-security.html, 
https://www.dasca.org/ 

4.A customer changes CCI scoring from the default objective score to another score. 
In this scenario, what would be a valid reason for making this change? 
A. The customer has discovered a new SaaS application that is not yet rated in the 
CCI database. 
B. The customer's organization places a higher business risk weight on vendors that 
claim ownership of their data. 
C. The customer wants to punish an application vendor for providing poor customer 
service. 
D. The customer's organization uses a SaaS application that is currently listed as 
"under research". 
Answer: B 
Explanation: 
The CCI scoring is a way to measure the security posture of cloud applications based 
on a set of criteria and weights. The default objective score is calculated by Netskope 
using industry best practices and standards. However, customers can change the CCI 
scoring to suit their own business needs and risk appetite. For example, a customer 
may want to place a higher business risk weight on vendors that claim ownership of 
their data, as this may affect their data sovereignty and privacy rights. Changing the 
CCI scoring for this reason would be valid, as it reflects the customer’s own security 
requirements and preferences. Changing the CCI scoring for other reasons, such as 
discovering a new SaaS application, punishing an application vendor, or using an 
application under research, would not be valid, as they do not align with the purpose 
and methodology of the CCI scoring. 

Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 7: Cloud Confidence Index (CCI), Lesson 1: CCI 
Overview and Lesson 2: CCI Scoring. 

5.What are two use cases for Netskope's DLP solution? (Choose two.) 
A. to stop unintentional data movement 
B. to detect malware in files before they are uploaded to a cloud application 
C. to detect sensitive data in password protected files 
D. to ensure regulatory compliance 
Answer: A, D 
Explanation: 
Netskope’s DLP solution is a powerful tool that can help customers protect their 
sensitive data from unauthorized access, exposure, or loss. One use case for 
Netskope’s DLP solution is to stop unintentional data movement, such as accidental 
uploads, downloads, or sharing of confidential files or information to or from cloud 
applications. Another use case for Netskope’s DLP solution is to ensure regulatory 
compliance, such as GDPR, HIPAA, PCI-DSS, or other industry-specific standards 
that require data protection and privacy measures. Netskope’s DLP solution can help 
customers comply with these regulations by detecting and preventing data breaches, 
enforcing encryption policies, applying data retention rules, and generating audit 
reports. Detecting malware in files before they are uploaded to a cloud application or 
detecting sensitive data in password protected files are not use cases for Netskope’s 
DLP solution, as they are more related to threat protection or file inspection 
capabilities. 

Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 6: Data Loss Prevention, Lesson 1: DLP Overview. 


6.What are two uses for deploying a Netskope Virtual Appliance? (Choose two.) 
A. as an endpoint for Netskope Private Access (NPA) 

B. as a local reverse-proxy to secure a SaaS application 

C. as a log parser to discover in-use cloud applications 

D. as a Secure Forwarder to steer traffic 

Answer: A, D 


Explanation: 
A Netskope Virtual Appliance is a software-based appliance that can be deployed on- 
premises or in the cloud to provide various functions and features for the Netskope 
Security Cloud platform. One use for deploying a Netskope Virtual Appliance is as an 
endpoint for Netskope Private Access (NPA), which is a service that allows users to 
securely access private applications without exposing them to the internet or using 
VPNs. Another use for deploying a Netskope Virtual Appliance is as a Secure 
Forwarder to steer traffic from on-premises devices or networks to the Netskope 
platform for inspection and policy enforcement. Using a Netskope Virtual Appliance as 
a local reverse-proxy to secure a SaaS application or as a log parser to discover in- 
use cloud applications are not valid uses, as these functions are performed by other 
components of the Netskope Security Cloud platform, such as the Cloud Access 
Security Broker (CASB) or the Cloud XD engine. 
Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 2: Architecture Overview; [Netskope Private Access]; 
[Netskope Secure Forwarder]. 

7.You are working with a large retail chain and have concerns about their customer 
data. You want to protect customer credit card data so that it is never exposed in 
transit or at rest. 
In this scenario, which regulatory compliance standard should be used to govern this 
data? 
A. SOC 3 
B. PCI-DSS 
C. AES-256 
D. ISO 27001 
Answer: B 
Explanation: 
PCI-DSS stands for Payment Card Industry Data Security Standard, which is a set of 
security requirements for organizations that handle credit card data. It aims to protect 
cardholder data from unauthorized access, disclosure, or theft, both in transit and at 
rest. PCI-DSS covers various aspects of security, such as encryption, authentication, 
firewall, logging, monitoring, and incident response. If you are working with a large 
retail chain and have concerns about their customer data, you should use PCI-DSS 
as the regulatory compliance standard to govern this data. SOC 3, AES-256, and ISO 
27001 are not specific to credit card data protection, although they may have some 
relevance to general security practices. 
Reference: [PCI-DSS], [SOC 3], [AES-256], [ISO 27001]. 


8.You need to block all users from uploading data files into risky collaboration 
applications. 


Which element must you configure within Netskope's CASB to accomplish this task? 
A. DLP Rule 
B. real-time policy 
C. DLP Profile 
D. block notification 
Answer: B 
Explanation: 
A real-time policy is a type of policy in Netskope’s CASB that allows you to control 
the actions that users can perform on cloud applications in real time. You can use a 
real-time policy to block all users from uploading data files into risky collaboration 
applications by specifying the following elements: the application category (such as 
Collaboration), the activity (such as Upload), the file type (such as Data), the risk level 
(such as High or Very High), and the action (such as Block). A DLP rule, a DLP 
profile, and a block notification are not sufficient to accomplish this task, as they are 
either sub-components or outcomes of a real-time policy. 
Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 5: Real-Time Policies, Lesson Real-Time Policy 
Overview and Lesson 2: Real-Time Policy Configuration. 

9.Which three security controls are offered by the Netskope Cloud platform? (Choose 
three.) 
A. identity lifecycle management 
B. data loss prevention for SMTP 
C. cloud security posture management 
D. endpoint anti-malware 
E. threat protection 
Answer: BCE 
Explanation: 
Three security controls that are offered by the Netskope Cloud platform are: 
C. cloud security posture management, 
E. threat protection, and 
B. data loss prevention for SMTP. 
Cloud security posture management is a service that provides continuous 
assessment and remediation of public cloud deployments for risks, threats, and 
compliance issues. Netskope CSPM leverages the APIs available from cloud service 
providers such as AWS, Azure, and GCP to scan the cloud infrastructure for 
misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. 
Netskope CSPM also provides security posture policies, profiles, and rules that can 
be customized to match the security standards and best practices of the organization 
or industry. 
Threat protection is a capability to detect and block malware, ransomware, phishing, 
and other cyber threats that may compromise cloud data or users. Netskope threat 
protection uses advanced techniques such as machine learning, sandboxing, threat 
intelligence, and behavioral analysis to identify and prevent malicious activities in real 
time. Netskope threat protection also integrates with third-party solutions such as 
antivirus engines, firewalls, SIEMs, etc., to provide comprehensive defense across 
the cloud and web. 
Data loss prevention for SMTP is a feature that allows you to protect sensitive data 
that is sent or received via email. Netskope DLP for SMTP can scan email messages 
and attachments for predefined or custom data patterns, such as credit card numbers, 
social security numbers, health records, etc., and apply appropriate actions, such as 
block, quarantine, encrypt, notify, etc., based on the DLP policies. Netskope DLP for 
SMTP can also support multiple email domains and routing rules for different groups 
of users. 

10.You want to use an out-of-band API connection into your sanctioned Microsoft 365 
OneDrive for Business application to find sensitive content, enforce near real-time 
policy controls, and quarantine malware. 
In this scenario, which primary function in the Netskope platform would you use to 
connect your application to Netskope? 
A. DLP forensics 
B. Risk Insights 
C. IaaS API-enabled Protection 
D. SaaS API-enabled Protection 
Answer: D 
Explanation: 
SaaS API-enabled Protection is a primary function in the Netskope platform that 
allows customers to connect their sanctioned SaaS applications to Netskope using 
out-of-band API connections. This enables customers to find sensitive content, 
enforce near real-time policy controls, and quarantine malware in their SaaS 
applications without affecting user experience or performance. If you want to use an 
out-of-band API connection into your sanctioned Microsoft 365 OneDrive for Business 
application to achieve these goals, you should use SaaS API-enabled Protection as 
the primary function in the Netskope platform. DLP forensics, Risk Insights, and IaaS 
API-enabled Protection are not primary functions in the Netskope platform that can be 
used to connect your application to Netskope. 
Reference: [Netskope SaaS API-enabled Protection]. 


11.You need to create a service request ticket for a client-related issue using the 
Netskope client UI. 

In this scenario, you generate the client logs by right-clicking on the system tray icon 
and choosing 

A. Save logs 


B. Configuration 

C. Troubleshoot 

D. Help 

Answer: C 

Explanation: 

To create a service request ticket for a client-related issue using the Netskope client 
UI, you need to generate the client logs by right-clicking on the system tray icon and 
choosing Troubleshoot. This will open a window where you can select the option to 
Save Logs, which will create a zip file containing the client logs. You can then attach 
this file to your service request ticket and provide any relevant details about the issue. 
Choosing Save logs, Configuration, or Help will not generate the client logs, as they 
perform different functions, such as saving the current configuration, opening the 
settings menu, or opening the help page. 

Reference: [Netskope Client Troubleshooting]. 


12.What are two characteristics of Netskope's Private Access Solution? (Choose 
two.) 
A. It provides protection for private applications. 
B. It provides access to private applications. 
C. It acts as a cloud-based firewall. 
D. It requires on-premises hardware. 
Answer: AB 
Explanation: 
Netskope’s Private Access Solution is a service that allows users to securely access 
private applications without exposing them to the internet or using VPNs. It provides 
protection for private applications by encrypting the traffic, enforcing granular policies, 
and preventing data exfiltration. It also provides access to private applications by 
creating a secure tunnel between the user’s device and the application’s server, 
regardless of their location or network. It does not act as a cloud-based firewall, as it 
does not filter or block traffic based on ports or protocols. It does not require 
on-premises hardware, as it is a cloud-native solution that leverages Netskope’s global 
network of points of presence (POPs). 

Reference: [Netskope Private Access]. 


13.You are required to mitigate malicious scripts from being downloaded into your 
corporate devices every time a user goes to a website. Users need to access 
websites from a variety of categories, including new websites. 

Which two actions would help you accomplish this task while allowing the user to 
work? (Choose two.) 

A. Allow the user to browse uncategorized domains but restrict edit activities. 

B. Block malware detected on download activity for all remaining categories. 


C. Block known bad websites and enable RBI to uncategorized domains. 
D. Allow a limited amount of domains and block everything else. 
Answer: B, C 
Explanation: 
To mitigate malicious scripts from being downloaded into your corporate devices 
every time a user goes to a website, you need to use Netskope’s threat protection 
features to block or isolate potentially harmful web traffic. Two actions that would help 
you accomplish this task while allowing the user to work are: block malware detected 
on download activity for all remaining categories and block known bad websites and 
enable RBI to uncategorized domains. The first action will prevent any files that 
contain malware from being downloaded to your devices from any website category, 
except those that are explicitly allowed or excluded by your policies. The second 
action will prevent any websites that are classified as malicious or phishing by 
Netskope from being accessed by your users and enable Remote Browser Isolation 
(RBI) to uncategorized domains, which are domains that have not been assigned a 
category by Netskope. RBI is a feature that allows users to browse websites in a 
virtual browser hosted in the cloud, without exposing their devices to any scripts or 
content from the website. Allowing the user to browse uncategorized domains but 
restrict edit activities or allowing a limited amount of domains and block everything 
else are not effective actions, as they may either limit the user’s productivity or 
expose them to unknown risks. 
Reference: [Netskope Threat Protection], [Netskope Remote Browser Isolation]. 

14.A customer asks you to create several real-time policies. Policy A generates alerts 
when any user downloads, uploads, or shares files on a cloud storage application. 
Policy B blocks users from downloading files from any operating system (OS) other 
than Mac or Windows for cloud storage. 
In this case, policy A is least restrictive and policy B is more restrictive. 
Which statement is correct in this scenario? 
A. Policy A is implemented before policy B. 
B. Policy B is implemented before policy A. 
C. The policy ofder is not important; policies are independent of each other. 
D. These two policies would actually not work together. 
Answer: B 
Explanation: 
In this scenario, policy B is more restrictive than policy A, as it blocks users from 
downloading files from any OS other than Mac or Windows for cloud storage, while 
policy A only generates alerts when any user downloads, uploads, or shares files on a 
cloud storage application. Therefore, policy B should be implemented before policy A, 
as the policy order determines the order of evaluation and enforcement of the 
policies. If policy A is implemented before policy B, then policy B will never be 
triggered, as policy A will match all the download activities for cloud storage and 
generate alerts. The policy order is important; policies are not independent of each 
other, as they may have overlapping or conflicting conditions and actions. These two 
policies would actually work together, as long as they are ordered correctly. 
Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 5: Real-Time Policies, Lesson 3: Policy Order. 


15.A company is attempting to steer traffic to Netskope using GRE tunnels. They 
notice that after the initial configuration, users cannot access external websites from 
their browsers. 
What are three probable causes for this issue? (Choose three.) 
A. The pre-shared key for the GRE tunnel is incorrect. 
B. The configured GRE peer in the Netskope platform is incorrect. 
C. The corporate firewall might be blocking GRE traffic. 
D. The route map was applied to the wrong router interface. 
E. Netskope does not support GRE tunnels. 
Answer: BCD 
Explanation: 
In this scenario, there are three probable causes for the issue of users not being able 
to access external websites from their browsers after attempting to steer traffic to 
Netskope using GRE tunnels. One cause is that the configured GRE peer in the 
Netskope platform is incorrect, which means that the Netskope POP that is supposed 
to receive the GRE traffic from the customer's network is not matching the IP address 
of the customer's router that is sending the GRE traffic. This will result in a failure to 
establish a GRE tunnel between the customer and Netskope. Another cause is that 
the corporate firewall might be blocking GRE traffic, which means that the firewall 
rules are not allowing the GRE protocol (IP protocol number 47) or the UDP port 4789 
(for VXLAN encapsulation) to pass through. This will result in a failure to send or 
receive GRE packets between the customer and Netskope. A third cause is that the 
route map was applied to the wrong router interface, which means that the 
configuration that specifies which traffic should be steered to Netskope using GRE 
tunnels was not applied to the correct interface on the customer's router. This will 
result in a failure to steer the desired traffic to Netskope. An incorrect pre-shared key for the 
GRE tunnel is not a probable cause for this issue, as GRE tunnels do not 
use pre-shared keys for authentication or encryption. Netskope does support GRE 
tunnels, so this is not a cause for this issue either. 
Reference: [Netskope Secure Forwarder], Netskope Security Cloud Operation & 
Administration (NSCO&A) - Classroom Course, Module 3: Steering Configuration, 
Lesson 3: Secure Forwarder. 


16.What are two fundamental differences between the inline and API implementation 
of the Netskope platform? (Choose two.) 


A. The API implementation can be used with both sanctioned and unsanctioned 
applications. 
B. The API implementation can only be used with sanctioned applications. 
C. The inline implementation can effectively block a transaction in both sanctioned 
and unsanctioned applications. 
D. The inline implementation can only effectively block a transaction in sanctioned 
applications. 
Answer: BC 
Explanation: 
The inline and API implementation of the Netskope platform are two different ways of 
connecting cloud applications to Netskope for inspection and policy enforcement. Two 
fundamental differences between them are: The API implementation can only be used 
with sanctioned applications, which are applications that are approved and authorized 
by the organization for business use. The API implementation relies on using 
out-of-band API connections to access data and events from these applications and apply 
near real-time policies. The inline implementation can effectively block a transaction in 
both sanctioned and unsanctioned applications, which are applications that are not 
approved or authorized by the organization for business use. The inline 
implementation relies on using in-band proxy or reverse-proxy connections to 
intercept traffic to and from these applications and apply real-time policies. The API 
implementation can be used with both sanctioned and unsanctioned applications and 
the inline implementation can only effectively block a transaction in sanctioned 
applications are not true statements, as they contradict the actual capabilities and 
limitations of each implementation method. 
Reference: [Netskope SaaS API-enabled Protection], [Netskope Inline CASB]. 

17.Your company asks you to obtain a detailed list of all events from the last 24 hours 
for a specific user. 
In this scenario, what are two methods to accomplish this task? (Choose two.) 
A. Use the Netskope reporting engine. 
B. Export the data from Skope IT Application Events. 
C. Use the Netskope REST API. 
D. Export the data from Skope IT Alerts. 
Answer: BC 
Explanation: 
In this scenario, there are two methods to obtain a detailed list of all events from the 
last 24 hours for a specific user. One method is to export the data from Skope IT 
Application Events, which is a feature in the Netskope platform that allows you to view 
and analyze all the activities performed by users on cloud applications. You can use 
filters to narrow down your search by user name, time range, application, activity, and 
other criteria. You can then export the data to a CSV or JSON file for further analysis 
or reporting. Another method is to use the Netskope REST API, which is a 
programmatic interface that allows you to access and manipulate data from the 
Netskope platform using HTTP requests. You can use the API to query for events by 
user name, time range, application, activity, and other parameters. You can then 
retrieve the data in JSON format for further analysis or integration with other tools. 
Using the Netskope reporting engine or exporting the data from Skope IT Alerts are 
not methods to obtain a detailed list of all events from the last 24 hours for a specific 
user, as they are more suited for generating summary reports or alerts based on 
predefined criteria or thresholds, rather than granular event data. 

Reference: [Netskope Skope IT Application Events], [Netskope REST API]. 


18.Why would you want to define an App Instance? 
A. to create an API Data Protection Policy for a personal Box instance 
B. to differentiate between an enterprise Google Drive instance vs. a personal Google 
Drive instance 
C. to enable the instance_id attribute in the advanced search field when using query 
mode 
D. to differentiate between an enterprise Google Drive instance vs. an enterprise Box 
instance 
Answer: B 
Explanation: 
An App Instance is a feature in the Netskope platform that allows you to define and 
identify different instances of the same cloud application based on the domain name 
or URL. For example, you can define an App Instance for your enterprise Google 
Drive instance (such as drive.google.com/a/yourcompany.com) and another App 
Instance for your personal Google Drive instance (such as drive.google.com). This 
way, you can differentiate between them and apply different policies and actions 
based on the App Instance. You would want to define an App Instance to achieve this 
level of granularity and control over your cloud application activities. Creating an API 
Data Protection Policy for a personal Box instance, enabling the instance_id attribute 
in the advanced search field, or differentiating between an enterprise Google Drive 
instance vs. an enterprise Box instance are not valid reasons to define an App 
Instance, as they are either unrelated or irrelevant to the App Instance feature. 
Reference: Netskope Security Cloud Operation & Administration (NSCO&A) - 
Classroom Course, Module 5: Real-Time Policies, Lesson 4: App Instances. 


19.You want to enable Netskope to gain visibility into your users’ cloud application 
activities in an inline mode. 

In this scenario, which two deployment methods would match your inline use case? 
(Choose two.) 

A. Use a forward proxy. 

B. Use an API connector 


C. Use a log parser. 
D. Use a reverse proxy. 
Answer: A, D 
Explanation: 
To enable Netskope to gain visibility into your users’ cloud application activities in an 
inline mode, you need to use a deployment method that allows Netskope to intercept 
and inspect the traffic between your users and the cloud applications in real time. Two 
deployment methods that would match your inline use case are: use a forward proxy 
and use a reverse proxy. A forward proxy is a deployment method that allows 
Netskope to act as a proxy server for your users’ outbound traffic to the internet. You 
can configure your users’ devices or browsers to send their traffic to Netskope’s 
proxy server, either manually or using PAC files or VPN profiles. A reverse proxy is a 
deployment method that allows Netskope to act as a proxy server for your users’ 
inbound traffic from specific cloud applications. You can configure your cloud 
applications to redirect their traffic to Netskope’s proxy server, either using custom 
URLs or certificates. Using an API connector or a log parser are not deployment 
methods that would match your inline use case, as they are more suitable for 
out-of-band modes that rely on accessing data and events from the cloud applications using 
APIs or logs, rather than intercepting traffic in real time. 
Reference: [Netskope Inline CASB], Netskope Security Cloud Operation & 
Administration (NSCO&A) - Classroom Course, Module 3: Steering Configuration, 
Lesson 4: Forward Proxy and Lesson 5: Reverse Proxy. 

20.Which two cloud security and infrastructure enablement technologies does Secure 
Access Service Edge (SASE) combine into its unified platform? (Choose two.) 
A. Distributed Denial of Service Protection (DDoS) 
B. Zero Trust Network Access (ZTNA) 
C. Cloud Access Security Broker (CASB) 
D. Unified Threat Management (UTM) 
Answer: BC 
Explanation: 
Secure Access Service Edge (SASE) is a cloud-based architecture that combines 
various cloud security and infrastructure enablement technologies into a unified 
platform that delivers security and networking services from the edge of the network. 
Two of these technologies are Zero Trust Network Access (ZTNA) and Cloud Access 
Security Broker (CASB). ZTNA is a technology that provides secure access to private 
applications without exposing them to the internet or using VPNs. It uses identity- 
based policies and encryption to grant granular access to authorized users and 
devices, regardless of their location or network. CASB is a technology that provides 
visibility and control over cloud applications (SaaS) used by users and devices. It 
uses API connections or inline proxies to inspect and enforce policies on data and 
activities in cloud applications, such as data loss prevention, threat protection, or 
compliance. Distributed Denial of Service Protection (DDoS) and Unified Threat 
Management (UTM) are not technologies that SASE combines into its unified 
platform, although they may be related or integrated with some of its components. 
Reference: [SASE], [ZTNA], [CASB]. 